| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200406160012.i5G0CBod020504@web170.megawebservers.com>
Date: Wed, 16 Jun 2004 00:12:11 -0000
From: "http-equiv@...ite.com" <1@...ware.com>
To: <BeSkyLined@...p.tudelft.nl>, <full-disclosure@...ts.netsys.com>,
<vulnwatch@...nwatch.org>
Cc: <bugtraq@...urityfocus.com>, <ntbugtraq@...tserv.ntbugtraq.com>
Subject: RE: Internet Explorer Remote Null Pointer Crash(mshtml.dll)
This is all incorrect.
1. Any unusual characters in a file name will automatically be
converted to random digits. This has been tested and
demonstrated since 2001.
2. 'Save target' and an invoked download whether automatic or
manually cannot be the same. Simple logic right click on a
15MB .mp3 and 'save target' and you don't wait hours for this
to occur. Neither does forcing the download which only downloads
the html or php or script or whatever trick is used initially to
auto download nor does directly invoking the download [clicking
on the file. Regardless of the way nothing is written.
3. Clearly what's being 'confused' here is with a frame which
does write the file and which cannot be combined with this
scenario for all the reasons above.
4. document.execCommand('SaveAs',false,'::%7b') also doesn't do
anything.
We may actually have to roll up our sleeves and get our soft
little hands dirty to solve this one what.
--
http://www.malware.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists